WSO2 API Manager has an integrated Swagger UI, which is part of the Swagger project.

Swagger is a 100% open source, standard, language-agnostic specification and a complete framework for describing, producing, consuming, and visualizing RESTful APIs, without the need of a proxy or third-party services. Swagger allows consumers to understand the capabilities of a remote service without accessing its source code and interact with the service with a minimal amount of implementation logic. Swagger helps describe a services in the same way that interfaces describe lower-level programming code.

The Swagger UI is a dependency-free collection of HTML, JavaScript, and CSS that dynamically generate documentation from a Swagger-compliant API. Swagger-compliant APIs give you interactive documentation, client SDK generation and more discoverability. The Swagger UI has JSON code and its UI facilitates easier code indentation, keyword highlighting and shows syntax errors on the fly. You can add resource parameters, summaries and descriptions to your APIs using the Swagger UI.

Subscribe to the API (e.g., PhoneVerification 1.0.0) using the default application and an available tier.

Go to the My Subscriptions page and generate a production key to the default application using which you subscribed to the API.

Click the APIs menu in the API Store and then click on the API that you want to invoke. When the API opens, go to its API Console tab.

Expand the GET method, provide the required parameters and click Try it Out. For example,

PhoneNumber

E.g., 18006785432

LicenseKey

Give 0 for testing purpose

Authorization

The API console is automatically populated by the access token that you generated in step 3 after subscribing to the API.

The token is prefixed by the string "Bearer" as per the OAuth bearer token profile. OAuth security is enforced on all published APIs. If the application key is invalid, you get a 401 Unauthorized response in return.

If you cannot invoke the API's HTTPS endpoint (causes the SSLPeerUnverified exception), it could be because the security certificate issued by the server is not trusted by your browser. To resolve this issue, access the HTTPS endpoint directly from your browser and accept the security certificate.

Note the response for the API invocation. As we used a valid phone number in this example, the response is valid.